oidc-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly requires runtime provider metadata and JWKS discovery from third-party issuer endpoints (e.g., "Prefer provider metadata discovery from /.well-known/openid-configuration" in SKILL.md and the references/spring-resource-server.md instructions to discover metadata/JWKS), which causes the agent-produced integrations to fetch and act on open/public third-party content that can materially affect validation and routing.